Avatar

Introduced in 1994, Open Platform Communications (OPC) is an interoperability standard for industrial control system components like programmable logic controllers (PLCs), human-machine interfaces, and supervisory software. Using OPC, components from different vendors can reliably exchange data to control an industrial process.

Classic OPC was released in an era when security was not a concern for OT systems. Industrial networks were isolated and perceived as secure because they used proprietary protocols. “Security by obscurity” doesn’t work in today’s connected industrial environments.

But securing Classic OPC is challenging:

  • OPC relies on Distributed Component Object Model (DCOM) security. It is based on access control lists (ACLs) which can be very complex—especially when OPC clients and servers are in different security An administrator might be tempted to disable DCOM security measures, allowing remote access without authentication.
  • The complexity of DCOM configurations increases the risks of errors that can lead to security vulnerabilities.
  • DCOM uses dynamically assigned ports to set up a communication channel between an OPC client and an OPC server. As a result, given the range of possible ports, firewall configurations tend to be very permissive which constitutes another security risk. You can purchase firewalls that dynamically open and close ports, but that’s an additional expense.

Another shortcoming of Classic OPC is that it works only on Windows platforms. Today, embedded machines like PLCs and human-machine interfaces generally run real-time operating systems.

OPC-UA—security for modern industrial environments

OPC-UA was introduced in 2006 and most recently updated in 2017. The Cisco IoT Security Research Lab recently wrote a technical white paper explaining how it improves Classic OPC, especially in terms of security.

Briefly, OPC-UA offers three main improvements. It has controls to strengthen industrial security. It works with any operating system, including real-time operating systems. And its flexible data model works in complex environments like electric grids and the industrial IoT. Thanks to this flexibility, OPC-UA has been adopted by groups like the oil and gas industry (MCS-DCS Interface Standard) and the pharmaceutical industry (Open SCS).

OPC-UA has two layers, each with built-in security. The communication layer establishes a secure channel between the client and server using encryption, signatures, and digital certificates. The application layer authenticates the user and verifies permissions. Security mechanisms can slow down application performance, so OPC-UA gives you the option to turn them on or off to balance performance and security needs.

For instance, you might want to implement more security measures in the industrial supervisory or management levels where an OPC server has access to the internet and performance is less important. Conversely, you might want to implement fewer security measures in the industrial process levels where control decisions have to be fast, devices have memory and processing constraints, and security risks are lower because there is no internet access.

Summing up, upgrading from classic OPC to OPC-UA strengthens IoT/OT security. It gives you the flexibility to connect components running operating systems other than Windows. And it lets you balance OT security against performance based on business needs. For a deep dive into the OPC-UA security model, read our technical white paper.

To get the latest industry news on IoT Security delivered straight to your inbox, subscribe to the Cisco IoT Security Newsletter.



Authors

IoT Security Research Lab

Cisco Internet of Things (IoT)